<?php
require '../../include/library.inc.php';
require '../../include/admin_login.inc.php';
require '../../include/paging.inc.php';
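// Admin handler for editing one user's e-mail, full name and (optionally)
// password. On a valid submission it updates the `users` row and redirects;
// otherwise it falls through to render the form with $error_message set.
//
// NOTE(review): no anti-CSRF token is checked in this handler. The included
// admin_login.inc.php is not visible here, so confirm whether one is enforced
// there before relying on this form for state-changing requests.

// Id of the account being edited. It is attacker-controllable request data, so
// it is kept raw only for re-display and is escaped before it reaches any SQL.
$user_id = (isset($_REQUEST['user_id']) && is_scalar($_REQUEST['user_id']))
	? (string) $_REQUEST['user_id']
	: '';

// Give every form field a string default so later reads never hit an undefined
// index, and so array-valued parameters (e.g. email[]=x) cannot reach the
// string helpers below.
foreach (array('is_submitted', 'email', 'fullname', 'password', 'repassword', 'redirect') as $field) {
	if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
		$_POST[$field] = '';
	}
}
if (!isset($error_message)) {
	$error_message = '';
}

// The Referer header is optional and client-supplied; treat it as a hint only.
$redirect = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

if ($_POST['is_submitted']) {
	$error_message = '';
	$redirect = $_POST['redirect'];

	// Validate the raw values. They are escaped exactly once, at the point the
	// SQL is built, instead of being overwritten in $_POST (which double-escaped
	// the e-mail and made the two password fields compare unequal whenever
	// escape() altered only one of them).
	if (!$_POST['email']) {
		$error_message .= 'Не е въведен E-mail адрес<br/>';
	}
	if (checkEmail($_POST['email']) == 0) {
		$error_message .= "Невалиден E-mail адрес<br/>";
	}
	if ($_POST['password'] !== '') {
		if ($_POST['repassword'] === '') {
			$error_message .= 'Повторете паролата<br/>';
		}
		// Strict comparison: with != PHP compares numeric-looking strings by
		// value, so e.g. "1e3" and "1000" would count as matching passwords.
		if ($_POST['password'] !== $_POST['repassword']) {
			$error_message .= 'Въведените пароли не съвпадат<br/>';
		}
	}

	if (!$error_message) {
		// escape() is the project helper this file already uses for SQL string
		// values; its implementation is not visible here.
		// NOTE(review): if user_id is an integer key, an (int) cast would be a
		// stricter guard than string escaping — confirm against the schema.
		$user_id_sql = escape($user_id);
		$email_sql = escape($_POST['email']);
		$fullname_sql = escape($_POST['fullname']);

		// Reject the change if another account already uses this e-mail.
		$sql = "SELECT
					*
				FROM
					users
				WHERE
					email = \"" . $email_sql . "\"
					AND user_id != '" . $user_id_sql . "'
				";
		$result = query($sql);
		if (mysql_fetch_object($result)) {
			$error_message = 'Вече има потребител регистриран с този e-mail!';
		} else {
			$assignments = "email = '" . $email_sql . "',
					full_name = '" . $fullname_sql . "'";
			if ($_POST['password'] !== '') {
				// NOTE(review): unsalted MD5 is a fast hash and unsuitable for
				// password storage. It is left unchanged because the login code
				// that verifies h_password is not visible here; migrating to
				// password_hash()/password_verify() has to change both sides.
				$assignments .= ",
					h_password = '" . md5(escape($_POST['password'])) . "'";
			}
			$sql = "UPDATE users SET
					" . $assignments . "
				WHERE
					user_id = '" . $user_id_sql . "'
				";
			query($sql);

			// The redirect target is a hidden form field, i.e. user input. Only
			// follow it when it is a relative URL or points at this host;
			// anything else falls back to the user list this page links to.
			$redirect_target = 'users.php';
			$redirect_parts = parse_url($redirect);
			$own_host = isset($_SERVER['HTTP_HOST'])
				? preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST'])
				: '';
			// Control characters, spaces and backslashes are refused outright:
			// they enable header splitting and "/\host" style ambiguities.
			if ($redirect !== '' && is_array($redirect_parts) && !preg_match('/[\x00-\x20\\\\]/', $redirect)) {
				$has_scheme = isset($redirect_parts['scheme']);
				$has_host = isset($redirect_parts['host']);
				if (!$has_scheme && !$has_host) {
					$redirect_target = $redirect;
				} elseif (
					$has_host
					&& $own_host !== ''
					&& strcasecmp($redirect_parts['host'], $own_host) === 0
					&& (!$has_scheme || in_array(strtolower($redirect_parts['scheme']), array('http', 'https'), true))
				) {
					$redirect_target = $redirect;
				}
			}

			// NOTE(review): whether redirect() ends the request is not visible
			// here; if it does not, the form below is still rendered.
			redirect($redirect_target);
		}
	}
}
head_admin("Редактиране на потребителски профил");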
?>
  	
	
	
			
            <div class="topbuttons">
            	<a href="users.php">Обратно</a>
            </div>
			
            <h3>Редактиране на потребителски профил</h3>
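            <?php
            // Every value echoed into an attribute below is request-controlled
            // (PHP_SELF can carry extra path info, user_id and redirect come from
            // the request), so each is HTML-escaped at the point of output.
            // NOTE(review): 'UTF-8' assumes the page is served as UTF-8 — confirm.
            ?>
            <form action="<?=htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8')?>" method="post" enctype="multipart/form-data">
            <input type="hidden" name="is_submitted" value="1" />
			 <input type="hidden" name="user_id" value="<?=htmlspecialchars($user_id, ENT_QUOTES, 'UTF-8')?>" /> 
              <input type="hidden" name="redirect" value="<?=htmlspecialchars($redirect, ENT_QUOTES, 'UTF-8')?>" />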
			<dl class="clearfix" style="border:1px solid #ccc; background:#fff; border-radius:10px;">
			
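			<?php
			// $error_message is printed as HTML on purpose: the messages assembled
			// in this script are fixed strings containing <br/> tags.
			// NOTE(review): it may also be pre-set by an include (not shown);
			// confirm no request data is ever placed in it.
			if ($error_message) { ?>
			<div class="red" style="padding:10px;">
				<?=$error_message?>
			</div><br /><br />
			<?php }
			// Load the stored profile to pre-fill the form. $user_id is request
			// data, so it goes through escape() (the helper this file already uses
			// for SQL string values) before being placed in the query.
			$sql = "SELECT 
						email,
						full_name
					FROM
						users
					WHERE
						user_id ='" . escape($user_id) . "'
					
					";
			$result_use = query($sql);
			$row_use = $result_use ? mysql_fetch_object($result_use) : false;

			// An unknown user_id yields no row; fall back to empty fields instead
			// of reading properties of a non-object.
			$email = $row_use ? $row_use->email : '';
			$fullname = $row_use ? $row_use->full_name : '';

			// After a rejected submission, show what the admin typed rather than
			// the stored values.
			if ($_POST['is_submitted'])
			{
				$fullname = isset($_POST['fullname']) ? $_POST['fullname'] : '';
				$email = isset($_POST['email']) ? $_POST['email'] : '';
			}
			?>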
			
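            <?php
            // The field values are either stored profile data or the submitted
            // POST data; both are HTML-escaped here so they cannot break out of
            // the value="..." attribute.
            // NOTE(review): 'UTF-8' assumes the page is served as UTF-8 — confirm.
            // NOTE(review): the password fields are re-populated from the request,
            // which puts the plaintext password into the response body; consider
            // leaving them empty after a failed submission.
            ?>
            <dt><label for="email" class="required">E-mail</label></dt>
            <dd class="short"><input class="inputbox" name="email" type="text" value="<?=htmlspecialchars($email, ENT_QUOTES, 'UTF-8')?>" ></dd>
            
            <dt><label for="email" class="required">Име и фамилия</label></dt>
            <dd class="short"><input class="inputbox" name="fullname" type="text" value="<?=htmlspecialchars($fullname, ENT_QUOTES, 'UTF-8')?>" ></dd>
			
			<dt><label for="password" class="required">Нова парола</label></dt>
            <dd class="short"><input class="inputbox" name="password" type="password" value="<?=htmlspecialchars(isset($_POST['password']) ? $_POST['password'] : '', ENT_QUOTES, 'UTF-8')?>" ></dd>
			<dt><label for="password" class="required">Повтори парола</label></dt>
            <dd class="short"><input class="inputbox" name="repassword" type="password" value="<?=htmlspecialchars(isset($_POST['repassword']) ? $_POST['repassword'] : '', ENT_QUOTES, 'UTF-8')?>" ></dd>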
			<dd class="submit">
            <input type="submit" name="submit" id="submit" value="Запиши">
            </dd>
			
            </dl>
			</form>
            
<?php
	// Finish the page by calling the admin footer helper. foot_admin() is
	// defined outside this listing; presumably it emits the closing layout.
	foot_admin();
?>